Frequently Asked Questions

Make sure you first register with the FCA or National Competent Authority of your host country and enrol with the Open Banking Directory. We can’t register any unenrolled organisation.

Next, you will need to register your application with us. Details on how to do this can be found on the Open Banking Directory Developer site. We only support application registration (onboarding) through APIs – there’s no manual process for this. You’ll need to use the POST /register API.

We’ll then send you some client information once your registration’s complete, you can then use this to identify your application in all future Open Banking service requests. This information is important and must be held securely and not be shared with anyone.

Here are some common onboarding tips to help you register first time

redirect_uris

Should match your TPP software statement, issued by the OBIE. Your redirect_uri parameter can be 2,000 characters, or fewer

software_id

Should be the software_client_id value taken from the SSA

scope

This should match what is on your SSA and should be written as "openid" and then followed by "accounts", "payments" or "fundsconfirmations" depending on your app. These can also be grouped to support multiple scopes for your app e.g. "openid accounts payments fundsconfirmations"

exp

The expiry date should be in a Unix time stamp format and not wrapped in speech marks

iss value

The value in the outer JWT should match TPP_orgid from your SSA

aud value

This value should be taken from the well known endpoint

iat

This value should be the time at which the request is issued by you. This should be provided in the Unix time stamp format and not wrapped in speech mark

token_endpoint_auth_method

Your token_endpoint_auth_method should be "tls_client_auth"

content-type

Should be "application/JWT" only

response-types

Must be "code id_token" only

jti

A unique identifier for the JWT. The value must be a UUIDv4GUID